Siemens Innovation Ecosystem Data Privacy Notice

May 12, 2020

This Data Privacy Notice applies to the innovation platform operated by Siemens AG under the name Siemens Innovation Ecosystem (“SIE”) and to the campaigns, challenges and idea competitions (“Challenges”) run by different Siemens companies on the SIE platform.

Please note that the terms of terms use which must be accepted by you when registering for a particular Challenge may include additional information on the processing of personal data specific to that Challenge.

Siemens AG and the Siemens companies running Challenges (which may include Siemens AG) are collectively referred to as “Siemens” where appropriate.

1.         Categories of personal data processed, purpose of the processing, data controller and legal basis

Registration Data
When registering on the SIE platform, you are required to provide, and Siemens AG will process, the following personal data about you: name, e-mail address, company / organization name, country of residence and nationality. You may voluntarily add a photo to your user profile. Where necessary in connection with a particular Challenge, you may be asked to state your competencies relevant for the Challenge concerned. You may always edit or remove your photo.
If you access SIE from within the Siemens network (“Siemens Participant”), all personal data in your SCD profile will be stored in SIE.
If you are associated with an external organizations or company (“External Participant”), you will also be asked to provide your age.

Usage Meta Data
Moreover, Siemens AG processes information that is automatically sent to us by your web browser or device, such as your IP-address, device type, browser type, referring site, sites accessed during your visit and the date and time of each visitor request.

The data controller for Registration Data and Device Meta Data is Siemens AG, Germany.

Challenge Data
Within a Challenge for which you have registered, you may submit an idea, comment on, share, vote for, or “like” an idea, or, depending on your role, evaluate an idea. In case of crowdfunding challenges, you may allocate a sum of a virtual budget to a project. Any of the aforementioned actions, if undertaken by you, will be linked to your Registration Data and will constitute Challenge Data.

The data controller for Challenge Data is the Siemens company responsible for the relevant Challenge (as identified in the terms of use accepted by you when registering for that Challenge).


Siemens processes your personal data (i.e. Registration Data, Usage Meta Data and Challenge Data), for the following purposes:

  • To provide the services and functions of SIE and to administer your use of the SIE
  • To verify your identity and, if you are an external Participant, to determine your legal capacity;
  • To answer and fulfill your specific requests;
  • To ensure compliance with export control laws
  • As reasonably necessary to enforce the applicable terms of use, to establish or preserve a legal claim or defense, to prevent fraud or other illegal activities, including attacks on Siemens’ information technology systems.

The legal basis for Siemens processing data about you is that such processing is necessary for the purposes of:
 
  • Legitimate interests pursued by Siemens (Article 6 (1) (f) General Data Protection Regulation). Generally, the legitimate interest pursued by Siemens in relation to our use of your personal data is the efficient performance or management of your use of the SIE platform and your participation in Challenges, and/or
  • Compliance with Siemens’ legal obligations (Article 6 (1) (c) General Data Protection Regulation).
Cookies
                                                                           
On SIE Siemens AG uses cookies (small text files placed on your terminal device) for the following purposes:

Functional Cookies: We use cookies to store the information related to your current user session and to remember your user preferences. These cookies have a lifetime of 14 days.

Analytics Cookies: We also use cookies (Adobe Analytics and Matomo) for the measurement, collection, analysis and reporting of web data (including the visited website and the website’s metadata, websites that link to Siemens, the time of the visit, and the browser used) for purposes of understanding and optimizing usage of SIE.
The data stored with the help of these analytics cookies does not contain any data that can be used to directly identify you. In particular, the IP address of your terminal device will be truncated (i.e. anonymized) before being stored.
To prevent aggregating and analyzing the data collected from your visit to SIE by Adobe or Matomo:
  • Adobe: Please click here to create a so-called exclusion cookie on your device. It contains no personal data, but technically enables Adobe Analytics to permanently recognize your preference. If you delete this exclusion cookie or if you change your computer or web browser, you will need to create the exclusion cookie again.
  • Matomo: To prevent aggregating and analyzing the data collected from your visit to SIE by Matomo, please uncheck the box below:

To the extent the IDs of functional cookies and/or the user IDs and associated analytics data created by Adobe Analytics and Matomo are to be considered personal data within the meaning of the General Data Protection Regulation, the legal basis for processing this data is Siemens AG’s legitimate interest to operate SIE and to measure the use of and to improve SIE (Article 6 (1) (f) General Data Protection Regulation).

2.         Transfer and disclosure of personal data

If you are a Siemens Participant, your Challenge Data may be visible to other Siemens Participants worldwide. Towards External Participants, only your name, e-mail address and Siemens affiliation will be visible.

If you are an External Participant, your Challenge Data (except your age) may be visible to (i) other External Participants associated to the same organisation as you and (ii) Siemens Participants worldwide.

Moreover, Siemens may transfer your personal data to:
 
  • third parties which provide IT services to Siemens and which process such data only for the purpose of such services (e.g., hosting or IT maintenance and support services); and/or
  • third parties in connection with complying with legal obligations or establishing, exercising or defending rights or claims (e.g., for court and arbitration proceedings, to law enforcement authorities and regulators, to attorneys and consultants).

Sometimes the recipients to whom Siemens transfers your personal data are located in countries in which applicable laws do not offer the same level of data protection as the laws of your home country.

In such cases, Siemens takes measures to implement appropriate and suitable safeguards for the protection of your personal data.  In particular:
  • We share your personal data with Siemens companies in such countries only if they have implemented the Siemens Binding Corporate Rules („BCR“) for the protection of personal data. Further information about the Siemens BCR can be found here.
  • We transfer personal data to external recipients in such countries only if the recipient has (i) entered into EU Standard Contractual Clauses with Siemens, (ii) implemented Binding Corporate Rules in its organization or (iii) – in case of US recipients – the recipient is certified under the Privacy Shield. You may request further information about the safeguards implemented in relation to specific transfers by contacting dataprotection@siemens.com.


3.         Retention Periods

Challenge Data will be stored on SIE for a period of 7 years, unless a different retention period has been defined for a Challenge.

If you delete your SIE account, your Registration Data will be deleted from the SIE participant database if you have not participated in any Challenge. Otherwise your Registration Data will be stored together with Challenge Data for 7 years.


4.         Your rights

Under applicable data protection law you may have the right to:
  • Obtain from Siemens confirmation as to whether or not personal data concerning you are being processed, and where that is the case, access to the personal data;
  • Obtain from Siemens the rectification of inaccurate personal data concerning you;
  • Obtain from Siemens the erasure of your personal data;
  • Obtain from Siemens restriction of processing regarding your personal data;
  • Data portability concerning personal data, which you actively provided; and
  • Object, on grounds relating to your particular situation, to processing of personal data concerning you.

Further background information and explanations related to the rights described above are available on the European Commissions’ website “Rights for citizens”.


5.         Data Privacy Contact

The Siemens Data Protection Organization provides support with any data privacy related questions, comments, concerns or complaints or in case you wish to exercise any of your data privacy related rights. The Siemens Data Privacy Organization may be contacted at: dataprotection(at)siemens.com .

The Siemens Data Privacy Organization will always use best efforts to address and settle any requests or complaints you bring to its attention. Besides contacting the Siemens Data Privacy Organization, you always have the right to approach the competent data protection authority with your request or complaint.

A list and contact details of local data protection authorities is available here.